Search Site

We are in jeopardy of losing our democracies

This is a special keynote the whistleblower and former NSA intelligence official Bill Binney gave in Munich in January 2014 on the occasion of the annual Handelsblatt-Tagung “Strategisches IT-Management”.

During his speech, he outlined the procedures he helped to develop to manage the enormous amount of data gathered via automated analysis of electronic communication, ways to analyze metadata to generate profiles of suspicious groups, and how to use this information to predict potential dangers.

In the second part of his presentation, Binney emphasized that NSA operations (as well as the use of their data by other agencies) are fundamentally unconstitutional, as the US constitution does not only prohibit intelligence agencies from gathering information on domestic matters, but also from using or dispersing it for other purposes, such as criminal investigations.

With reference to the technical specifics of the fiber optic network used by phone companies, he deduced that all officials who claimed that they did not intentionally collect data on US citizens were deliberately lying and obfuscating their operations, and that secrecy and dishonesty have thus become general characteristics of the US intelligence agencies and their allies in other countries.

Throughout his talk, Binney linked these practices to the inner workings of totalitarian states, such as the GDR, and to the totalitarian reign of English king George III which had directly preceded the Declaration of Independence. He expressed his worries that not only the US, but democracies all over the world are endangered by an erosion of their fundamental principles.

hypervideo Player

WB: It’s unfortunate I have to talk about that but since I started some of the programs that they’re using I feel kind of obligated to do this. Because I’ve opposed their use of these programs from the very beginning in October 2001. I mean they’re violating the civil rights of everybody in the world.

As I said, you know, I was developing these programs back in the 90’s. The problem we were facing there was that the be digital explosion was occurring starting in the late eighties and into the nineties and when the cold war ended, the wall fell, and we lost the opposition we always referred to - they couldn’t hold up their end so we didn’t have that balance in the world anymore. So they fell apart. So we had to find a new target to work. Well, the problem was:we had those targets there all along, nobody was working them, okay. That was the real problem. So, when you looked around at the communications the world all going digital, and we’re looking at mobile phones and the Internet exploding, and we couldn’t… They called that the “volume, velocity, and variety” problem in an essay. And we were falling behind. Actually, I was telling them that we couldn’t keep up with the rate at which we were falling behind. So, in other words, we were falling behind continuously worse year after year.

So we decided to – that is, Dr. Taggert and I – originally started this Signal Oriented Research Center to address these kinds of problems. It was a center, it was like a skunk works. We brought all the talents together in one place and we then would address a certain problem. I would come from operations, I had the requirements, and I knew exactly what needed to be done, what kind of information we needed to have to be able to produce intelligence that would give us indications about intentions and capabilities of potential enemies - like terrorists or international crime or things like that. And Dr. Taggert brought some of the engineering and computer science expertise, plus we had access to physicists and other mathematicians, of course; I brought in crypto-mathematicians as well as analysts, and linguists, and things like that. So we brought all those skills together in one place.

So when we had a problem, we would sit down and say: “So this is the problem we’re going to work and here’s your part of it, here’s your part. And what we were trying to do is get to that goal.” So everybody knew what the goal was, they knew their part in that effort. So it was all the technology people were all together and everybody understood what we were doing, where we were heading, what the objectives were. So then we would start to iteratively develop. Since we knew where we wanted to go, we didn’t have to lay out a plan, we just started the development almost immediately. And we let documentation come up later, because we were “rapid development, rapid prototyping”, that kind of thing. So, this iterative developed technique was the way we did it.

And so we started to attack the internet, and the first problem was acquisition of information. So we needed to have sessionizers that would sessionize at the rate of fiber optic lines. So 155 megabits per fiber line, and we had our objective to go to individual deployments to handle 64 or 10 Gigabit lines. That was our intent. But I had to set the objective as to what the overall capacity was that we were aiming at, and I set that at 20 terabytes a minute. So we had to be able to not collect the data, but be able to look into the twenty terabytes a minute, to see what was important in there, decide what that was, and pull it out for collection, and following analysis, and reporting of threats.

That was - we made it not a collection problem, but a selection problem. So it was a totally different perspective. Before, they had always considered it a collection issue. We’ll just collect it, you’ll end up getting what you need, and you can sort it out later. But we wanted to make that decision right up front, so that we could eliminate the transport of useless information, the storage of useless information, only focusing on what was important and relevant to the issues that we wanted to analyze and report on, or had National Safety requirements to do.

So, in that case, we ended up needing the kinds of information you see here for tracking Bob, which is: where, when he turns on his computer or or uses credit card or his phone, or he has a smart card that he used to go down a toll road to pay the tolls. So he’s making individual events that are getting electronic recognition and electronic recording. So all those things. Then, in your cell phone - if you have GPS on your cell phone we can track you as you move along. That’s the estimates that I heard - the most recent estimates that have been from the Snowden material - they’re collecting on the order of five billion cell phone GPS locations every day. So that’s on the mobile phone network around - I assume it’s around the world, and it’s on everybody, US citizens included. 05:28 Who uses the collected data?

By the way, this… I should start by saying: this bold collection started against US citizens first. And then it moved to foreigners. So you’re being treated just like a US citizen, okay? That’s the problem. I had a problem right from the beginning, I mean I didn’t only have a problem with the US citizen part because it was unconstitutional, it’s against our laws; we had our laws applied to US citizens, not the acquisition of intelligence about foreigners. But also I objected to the principle of collecting every foreign person, because they weren’t relevant to any national security requirements we had. And so I didn’t really realize the real true intent behind NSA’s bold acquisition until much later, when for example in 2011, in an interview with Bart Gilman, director Mueller of the FBI said he’d been using the Stellar Wind program - which is the domestic spying program - since 2001. That means the FBI - it’s for law enforcement - they were using this data.

And then, later on, in last year the DEA… Reuters gave a report on the DEA use of NSA information. They saw a Special Operations Division which looked into the NSA collection, and they used it to target for law enforcement. And the procedures - and I’ll get into them - simply violated our entire constitution and the entire judicial process, and they are subverting it around the world. So this is really very serious, and you really start objecting to this and doing really vigorously. I mean we have a real chance of losing our democracies around the world. This is a totalitarian process to the nth degree.

I mean even your Chancellor came out and said “This is just like the Stasi.” Well, it’s much better than the Stasi, okay, and your… There was a fellow Wolfgang Schmidt, who was a former Lt. Colonel in the East German Stasi, who commented - I think it was in June 2013, just after the Snowden material started coming out – that… He said about the NSA surveillance program that “for us, this would have been a dream come true”. Well, that’s telling you. I mean, these are totalitarian procedures, we’re going down this path. And now the police forces using - we’re heading towards that police state also. And it fits right in with the passing at the latest NDA. There’s all the stuff is going on; people in the United States are starting to object about this. I mean the congress almost succeeded in un-funding NSA, and I’m still supporting that, by the way. They need to be un-funded because they need to stop this. It’s not acceptable for a democracy, it is not compatible with democracy anywhere, so…

This is the kind of information they need to do this kind of tracking of individuals, also of groups. I mean they would look at the entire group of people who were involved in terrorism, or just your group or a few of the Tea Party. They have the tracking of the Tea Party, or they track even religious groups, or any group in the country, or in the world. It’s not just NSA. In copying and doing the United States it’s now the entire world. And I’ll show you how that works. But this is the key kind of information you need to get it.

Now, in order to get that, they need to tap into the fiber optic line. So, I don’t know that any of you – ah, [pointing at someone in the audience] Deutsche Telekom, I looked at Deutsche Telekom… And I took AT&T Verizon, which I knew were cooperating with NSA, and British Telecom, which are probably cooperating with GCHQ, and of course later Deutsche Telekom in order just to show how they would attack the network. And it’s - the principle is to look at the fiber lines and how they converge to given points in the world, and then you want to put the collection devices at the points where multiple lines converge. Because then those devices can see multiple lines simultaneously.

And you could take, you know, most lines aren’t fully uploaded anyway. So you have the capacity to take mobile lines by one. One Neris [factcheck] device can maybe do to 10 Gigabit lines simultaneously. Until it gets over later, then you have to add another number to back it up. But that’s the idea. So that you can put them in those points where the convergence occurs, then you see many more, many more lines that way. So I looked at that and I went on the web and I pulled down all the fiber lines that people were advertising: the three-year AT&T Verizon bridge, also Deutsche Telekom and just looked at the cities were three or more fiber lines were converging. And then I said: “These are likely points for acquisition of data. Most of them were in the United States, about - for AT&T 2232, I think, were in the United States. Simply because eighty percent of the entire fiber network goes through the United States, by design, I might say.

That was no coincidence that the lines from South America go up to Miami then back down to South America. Because that gives them the opportunity to see what’s on those lines. Anyway, these are some of the converging points, and I was simply listing out the cities were multiple lines converge for AT&T in New York and also Verizon.net multiple lines, and British Telecom. That gives you the opportunity to put a forwarding position in New York for example and then have acquisitions, and taps if you will, knowledge at… either with or without the knowledge of these companies, and then take that data off and pass it back to a central point to forward back, using perhaps the unused fiber lines of the existing telecoms.

So, it’s a matter of how you get data back. It’s a way to organize and simplify data for them. So these were some the ones in the US, there are a few more here in the US. Then, of course, I just went to other locations around the world. And these are just highly likely places they would place these devices to collect the information. Now, I know that in a newspaper in the Netherlands they just published a number of locations of the fiber optic taps that they had for NSA along with a comment that said greater than 50,000 implants.

Now, that meant of course they were implanting software in different switches, and different servers to… and computers, to own them basically. So that the routers can be effectively used for orders of information: like if Chancellor Merkel went somewhere in the world, then her phone number could be a task on those routers, and if they were sought, wherever it was, her stuff could be routed back to the United States. That’s the way you can use these implants. So, but that’s over 50,000 of them. So, basically, NSA owns the net, ok? So, that’s the idea.12:30 Organizing acquired data through the analysis of social networks

Now, once you acquire the data, you have to analyze it. Now, the principle we used is being able to look in the twenty terabytes minute is kind of a difficult thing. You have to organize it so efficiently so you don’t… If any part of that process starts to back up, it starts to fail, and it falls. So you have to make sure you do everything as rapidly as you can to keep up with the rated input, because this input is 24 hours/day.

So we had to do this with looking at metadata relationships. Now metadata relationships allow you to at least group social networks together with people, and also cooperative networks in that community, companies collaborating, or things like that will show up in the social networking. And so, what that means is if you have, for example, a set of targets that’s known, then you can look through this entire social networking up to probably the order of 4.5 billion people in the world using either telephones, or email, or some sort of network that you can acquire here. And you can look at that and see… we defined it as the area’s suspicious area, or the zone of suspicion is within two degrees of a known bad guy, or a…

Like, if these were terrorists you got two degrees [pointing at projection]: that’s like the first degree, and then that’s the second. But you don’t go beyond that to the other seven billion people in the world. That’s a targeted attack, and now you add other kinds of information to it, like, for example in terrorism: if you have a satellite phone coming out of the mountains in Afghanistan, or something out of the jungles in Columbia, a satellite phone, than you have a pretty good idea that that’s probably - in the one case a dope dealer, in the other case the terrorist. So, and that gives you a reason to target that, so you add those to the zone of suspicion, okay, in UT.

That’s what you work. But it’s a finite, focused effort. And now it’s a manageable set of data. I mean you have about 45 thousand handlers that would look at that, and you could do perhaps have a hundred thousand targets in any given day, so it’s a manageable problem now. That was the whole objective, because up to that point everybody was doing things like Google searches with words or phrases, and they would get tens of thousands of returns every day. All that data would go away the next day, they would get another group of tens of tousends groups coming in. So it was making their job almost impossible.

That’s why they missed all the terrorist attacks: the bomber in Boston, and the shooter in Fort Hood, the bomber in Times Square New York City, and the Underwear Bomber. Not that they didn’t have the data, they just - they were buried in other kinds of data that they were looking through. So it made them dysfunctional. So, one of the reasons I opposed collecting on everything and everybody in the world is because of this dysfunctionality, when you get buried with data. I mean, they don’t have smart approaches to sort it out. That’s why they continually fail. So… But the idea is to do this.

Now, I’ll just take the public switched telephone network for case, a case in point. It’s all organized by zones, so that the world is divided into nine zones. After you dial 00 or 01, if you’re in the US, then the next number is the area of the world. Or it could be you’re going internationally, which is own country to country. So they could see a country code or an area code to the world, so… But, if you looked at that, and use that information, it boils it down into this kind of relationship. Yep. So you have 00, than one end is guaranteed to be foreign. It may be foreign to foreign, like country to country, or from one zone to another, but it’s still, at least one end is foreign.

If it’s the United States to foreign, it’s 01 or 011. If you have that case, you always know which one end is foreign also. So, just by the prefix numbers to get to the switches for international communications, you know that at least one end is foreign, or both ends are foreign. These numbers starting with these switch excesses here… If it goes to one, then you know it’s internal: US to the US. That, to me, separated the constitutionality issue out immediately, with the phone system anyway. For others, you do it by the ipv4, ipv6 numbers, or Mac numbers, or user ID and service provider combinations, or a combination of all of that. But those kinds of things separate these groups of things out, so the one end is foreign, or both ends are in the United States. And that’s the place where you want to delete all of this. We didn’t want to have any of that, because it’s against our Constitution.

This is acquired without a warrant. That’s why I objected to visa court, I think all the visa court should be fired. They have done a disservice to the United States, to the constitution, and everything, every law we ever had. They the gone back to issuing general warrants like they used to call them when King George was in charge. You know, George III, 240 years ago. We got a really totalitarian state back then, and the problem is: we don’t recognize in the United States what a totalitarian state is, or what it’s like.

You here have some experience personally, the people living here and experienced it: in East Germany. So, I mean, and I’ve been… you know I used these quotes from Chancellor Merkel or Wolfgang Schmidt. The cases in point where people have first-hand experience are saying what this is, and we should listen to that in the United States. We should listen. It’s the fact that we have no experience in it, for several hundred years anyway. So, except in the case of Nixon, and there was only involved a finite number of people. I mean, what Nixon did is finite. This is orders of magnitude more than that. I mean, even Nixon did a few thousand people, this is, like, everybody, 300 million, plus - just in the United States.

So, but, any rate, so this would be a way to separate it out. And then of course you use the two degrees of separation in the foreign, US to foreign, or foreign to foreign, and then that separates it all down. That’s an acceptable attack for every country in the world. I mean, there you are going after terrorists calling somebody in your country, or who those people in your country are calling. That’s the limit. That’s this zone of suspicion, you don’t go beyond that. That gives it a focus for your analysts in your… in the BND, or any of the other services, or GCHQ. It makes it manageable now.19:02 Handling Big Data – problems and goals

And it gives privacy to everybody else. All that data that’s being passed around your password isn’t in the databases anymore. Whereas now, they took the total approach of saying: “Let’s collect everything and not delete anything”, and that’s what they’re doing, that’s why they have to build Bluffdale, that million-square-foot facility to store all this data. They’re getting all the data, they just don’t know what to do with it. Because again their analysts are buried, they are storing, and I hope that somebody under the… or requesting aid for the private industry. About a year and a half ago, it was the White House Big Data Initiative, where they were soliciting companies to come in with algorithms that would look through big data and figure out what was important in there for them to take out of that and give it to their analysts to analyze and report on.

I’ll show you some the objectives that they’re trying to do here, too. One is - going back to that graph - is trying to do new development, new target development, automatically - which we had achieved already. But they threw that away. But the other is to try to get profiles of transactional relationships in communities. That means their profile in the community and what is the community, and what it’s doing, to try to predict what they’re intending to do. Like, for example, if you have a dope ring that’s run out of Columbia and they’re trying to sell dope to somebody in United States, you have to have a transaction for a contact there to make the deal. Then you have to have the transaction for transfer of funds, they have other transactions that would evidence in that transactional profile or their community, which show movement of the dope to the transporters, and the transporters moving it to the customer in the United States. So you could see all those transactions. The point is: how many of those transactions show a profile that proves that that’s what they’re doing. And that’s the kind of automated analytic processing they want.

They want to look at transactional profiles, get profiles of interest to do automatic reporting, and then do intervention - this should be before the fact, so… this is what intelligence is supposed to do: prediction of intentions, of intentions and capabilities, not forensics. What they’re doing now is forensics. You know, they look at the Boston bombers, and they go back and see what they did, and they come back and say “Oh yeah, they did all this.” Well, that’s a police job. The intelligence job is to do prediction of intentions and capabilities, so that there’s an opportunity to intervene, to stop something, or to influence it in some way or another – diplomatically, or militarily, or something. That’s not the job, police forensics is not the job of intelligence but that’s what they’ve adopted. That’s because their main support is now for law enforcement. That’s real, and nobody’s talking about that. But they’re spreading it around the world. Now I’ll get into that.

So: so the idea is just to take one bad guy and look at the first contact, and only go out two degrees. Now, when you do this, and you input the attributes that the people that want to select out of the database, out of the dataflow - 20 terabytes, we are going to scale up after twenty – so, you only need the attributes of these two to get that entire group. If you start putting the attributes here at these, now you get the third degree down. So, then everything goes up exponentially in terms of numbers of targets you’re looking at. So you need again to try to keep it finite as best you can, so that only these two were the ones. So that gets to be a finite number of attributes you looking for in this flow of information which is going on. So now it’s a manageable thing to detect, a device can automatically do that for you.

So, then, as an example, to show you the idea - this is all done by code, by the way: if you had two people who… these two came into California. This is [pointing at projection] … these are the two, they came into the West Coast from Kuala Lumpur after they had a terrorist meeting over there. And the Malaysian intelligence reported that they were on their way. So, we also knew they were on the way, but they also made phone calls - these two made phone calls to Yemen, to the facility, the Al-Qaida facility in Yemen. And General Alexander got there and said we couldn’t tell the other end was in California. And I said “ay” [facepalms].

I said: “This is impossible, he must not have had his caller ID on.” I mean, the entire switched network works automatically. Either the switch notes the data and they can route the calls back and forth, or they don’t. And if you don’t have all that, then you can’t make the connection. So the switches have to know when they have to pass that data, and that data is there, and that’s how caller ID works. So, I mean, all the data was there. I mean if you are looking at Yemen and making the calls to the West Coast you would see the number being dialed. If you are looking at the West Coast, you see that number associated with the number that it was calling, which was the Yemen facility. So, I mean, you know it’s just impossible for me to concede that they would actually expect us to believe that. OK. But it’s a way of covering up their level of incompetence, that’s all.

So any rate, the ideas: this [pointing at projection] goes along, and you have rules in there. If you don’t know who someone is, you do things like, encrypt it, until you get multiple attributes that will show where… multiple characteristics that will show who are, in fact, targets. In this case here we knew: this the guy who financed everything out of Dubai, and so we didn’t have that. We couldn’t uncover him. All this, by the way, is on the web, and we pulled this off the web and built this profile to show what they should have been doing, which they killed by the way. This process could have worked for them.

And another thing: they said they didn’t have the Connected Dots program before him; that is absolutely false, they had a Connected Dots program since 2000. So they had it years before 9/11. They also killed it, that was the problem, and didn’t resurrect it until they wanted target everybody in the world, starting with everybody in the United States.

So, this this kind of thing just keeps going on. They will simply take it all, it can be email or phone, and as you see, once you identify people, you begin to target them. If it’s US-protected, you’ll see someone show up here, like in the United States. Than you do an encryption of the attributes, we can’t tell who it is, but we can still encrypt it, so you can follow the actions and what they’re doing, who they are associated with, and that just continues through the entire… This [pointing at the slide] was all we compiled about the 9/11 hijackers prior to 9/11, but you can see how that would work.

And I think that’s the last one [the last slide]. And then, finally, what you do is: every year, every…. See, the trillions of transactions will collapse down to billions, tens of billions of relationships. So you get a graph about that size for phone calls, and a similar graph for email, or computer communication.

But then you will want to do a timeline, you want to put things together in a time sequence by community. So here [points at slide] would be the phone numbers and emails of that community over this period of time, and you could see the relationships here, and say: “There is something going on here, what is that?” Then you can… If, for example, there is data with it, like a transcript of a phone call, or an email, or a file transfer, or something you can read, there’s data. So this tells you: there’s data with that transaction, in in this time line. So then you could click on that symbol for the data and read the data and try to get an idea what’s going on with the transactions there.

But their idea here is to try to automate the process of doing that, so that they can look at these relationships and the combinations of relationships along with the data and see if they can automatically discover and automatically predict what their intentions and capabilities will be, by what they’re doing in this timeline. That’s one of the things they want with the Big Data initiative. Which is all possible, by the way. In fact, you can even… We were planning to write reports with that, taking this data, doing a diagnostic of the content up there together with the combinations and the community, the people the community was that we knew about. But it was a terrorist and we had certain rules that we would look for, a combination we would look for in statements over here in the data that we would then use to infer directly what their intentions were, what their actions were, what they were planning - an attack or something. We would use that to do that, and you could automatically make that suggestion from just this kind of combination updated.

Fortunately, I never got to finish that job for NSA because they could have used against everybody in the world. And it could have been against the Tea Party, for targeting for the IRS - the IRS is a part of the sixth Special Operations Division, the DEA, and the FBI and NSA. You’re looking at NSA data, so they’ve got all the scrapping. So… and they also could attack the user to attack religious groups, or the Occupy group, or any political group that they don’t agree with.

I mean, after all, it’s what they did with the emails that General Petraeus and General Alan… They went back to thousands of personal emails. Well, where do you think they got it? They got it from the NSA database, from the upstream collection on the fiber optic taps that they’ve got in all the wires. That’s how they are collecting all this data. That, plus the other side of the prism program is that they fill in the missing 20 percent that they didn’t get from the upstream collection. This gives them a fairly good idea on the entire collected…

But then, all of this data is now being used by law enforcement. I didn’t have any evidence of exactly how they were doing it until the Reuters report came out about it, the Drug Enforcement Agency, where they had this Special Operations Division setup that includes the FBI, CIA, DIA, NSA, the IRS, the DHS – a part of Homeland Security, basically the big intelligence agencies, and they’re going through all of his data.

And here are the rules for using this data: you can’t reveal it to investigative reporter files - you never document. Okay, and you don’t write any affidavits for the court, or you don’t tell attorneys in in the case you arrest… They’re using it to arrest people. So these are the rules: you don’t tell the attorneys and you don’t tell it anyone in the court, you don’t tell it to the judge or at any of the court proceedings, and you don’t add any documents for them. And don’t tell state or local officials, people going to do the arrest. And you don’t tell your foreign counterparts, and that means to all the foreign counterparts to the Drug Enforcement Agency, and the FBI are getting is information this way, but they’re not being told the source of it.

And what they’re doing is: they’re not telling the courts. In our side, that means to me: I call this a plant programmed perjury policy by the attorney, run by the Attorney General of the United States. In fact, we had a lawsuit that was challenging the constitutionality. That was called Amnesty International vs. Clapper. That just recently got thrown out at the Supreme Court. And it was thrown out based on the assurances of the Solicitor General of the United States to the Supreme Court that they would… that they were using NSA data to prosecute or take try anybody in the courts, that they would ensure that they were told that the source of their original arrest was the NSA data. That was a lie. They’ve never told anybody. Now the Solicitor General’s trying to figure out how to recover. He’s going to try to go back and see how many cases we used NSA data on.31:14 Dishonesty and secrecy as a repeating pattern

So, I don’t have any firsthand knowledge, all I have is that Dianne Feinstein, the chair of the Senate Intelligence Committee said that hundreds of people were arrested using this data every year. Well, this is a total violation of their constitutional rights in our - in my country. They have the right to challenge discovery. That means you have the right to know what the original evidence was to arrest them. So they’re violating their rights and their constitutional… actually it’s the Freedom of Association, that’s a violation of that because going by these associations are violating that right under the First Amendment, you’re violating the privacy rights under the Fourth Amendment and you’re violating the right not to testify against yourself under the Fifth Amendment, because they’re using that to acquire them.

One of the arresting officers in state and local law enforcement, one that did the actual arrest, said: “All we’re told is like, to go to this parking lot, wait here, wait for this truck to pull into that slot, and then go arrest them, and send the drug dogs in, and have them sniff out the drugs.” Well, they don’t do that from metadata, right? Metadata doesn’t tell you that. That comes from content, and again that’s from the upstream collection in the prism program, that’s where they’re getting all this content, including the hundreds of millions of messages sent from phone to phone by everybody in the world every day. So that’s…

The problem here for you is that we’re infecting your judicial system with the same process. You are not being told the original source here, so I don’t know how your courts operate, but at ours it would simply be unconstitutional as cases would be thrown out of court immediately.

So any rate and to take evidence into the court, they do what’s called a parallel construction, that is, they take… You think about how, how would you normally come around to get evidence to arrest them in the first place and substitute that evidence with the NSA evidence. So that’s where the perjury comes in: they’re lying about the evidence they used to arrest people and try them. Actually, the primary way they do it is: they get a plea bargain from the defendant, because they show him all the evidence, and they get him to plead. They don’t say that it came from NSA collection without a warrant, you know. Because that would kill the case.

So that’s the question of honesty and end up being honest, but that’s not new, right? We have a consistent pattern here. These people lie all the time. I mean if Clapper can lie to congress and Alexander can lie to them, they can lie to the public, and they can get the President to say things that aren’t true. I mean it’s the whole, the whole foundation at this process that is going on here, it’s a pack of lies. It’s all being managed by a secret court, in secret, with secret interpretations of laws that were written. Representative Sensenbrenner, who helped the right, the Patriot Act, said: “We wrote this Act so that you couldn’t do what you’re doing. We wouldn’t even know you were doing this if not for Snowden’s releases.” When they found out what they’re really doing, that came out of the documentations that Snowden took out of the NSA. He said: “We wrote this law, this was never intended.” That’s because they had a secret interpretation of the words in this law.

Well, I mean it’s a secret and they’re making a court, the secret court is making decisions about what is constitutional and what isn’t. So that’s a secret court making… setting up a secret constitution. So here, this is what a totalitarian state does. They do everything in secret. Our entire country was formed on the principle that the people were supposed to know what the government was doing, not the reverse. I mean, that’s why we had the Bill of Rights. That’s why those freedoms are stated there. Because we came out of George III, and George III was violating all those principles that we held: privacy and all of that. And so we substituted George the W. for George III. And then from there, it went downhill.

Because it’s only getting worse. Now, they’re doing - under Obama – they’re doing more and more. So any rate, this is the most serious problem I’ve ever seen, the most serious challenge to democracies around the world. I mean even the Russians of course are envying this, I’m sure they would like to be able to do this. And we’re only in a position to be able to do it because we’ve got the resources to apply against it. I mean if you had similar resources, I’m sure that your governments may be in in jeopardy of doing the same thing. The problem is, I think, one of human nature: if you give that kind of power to people, eventually they use it, somehow. So it’s really a built-in human problem.

I mean that we have to find out ways and means of checking it. So we… for whoever whistleblowers from NSA constructed 21 suggested recommendations for the President to correct and make sure NSA is not going down the bad path anymore. I mean this is the result of the Vice-President Cheney saying “we’re gonna go to the dark side”. This was the dark side. This is what they were trying to cover, this was the hospital visit to Ashcroft at Brigham sign, saying this was legal to do. This is what this was all about that was all about a mystic spy. Which was primarily where our laws are coming in. But it’s about everything.

I mean, in my mind they’re making the entire intelligence network dysfunctional. That’s the problem I see. But if we don’t stand up and do something, we have a… we are in jeopardy of losing our democracies, all of us. And this is not… it’s not a pleasure to have to sit here and talk to you about this, but this I felt I was obligated to do. Thank you.

Moderator: Thank you very much for this wonderful speech and presentation, and Mr. Koenen (?) wants to ask you two questions. So, go ahead.

Question: One short question: Would you call America a police state?

WB: Yes.

Question: It is a police state. Oh, okay. Second question, maybe of interest for all of you on the floor: Is there any protection for individuals, and as well for companies, beyond shut down any communication?

WB: Actually, there are ways to do it, but you have to… you can’t use publicly available encryption systems, because they’re all compromised. And you have to create your own encryption system, that’s not hard to do. Okay, that’s not really hard. And that will really drive them crazy, because now they will have to work to get the answers. Right now, they see all the users on the network, or across the network. If you have keys in their lingo penetrate your system, pull the keys down, you know. Your encryption is useless.

Or else, they have… Under, what is it, Bull Run program, they have all the people who work generating these publicly available encryption systems. They put weaknesses in them, so they can break them, and they know that weakness. So the problem with that is: everybody else can find these weaknesses, too. So, you know, that’s a problem too. So if I’m recommending, okay, I recommend this: Get your own computer programmer in your own spaces and it does become your intellectual property. You design your own encryption system, and use it within your network of your business.

If you want to secure it, you have to define what you want to secure first. And that becomes your intellectual property. Now you’ve created a problem, because it’s not shared, they don’t know the algorithm, and they don’t know necessarily who. They have to start working on it. That’s not an easy job. I know, because I’ve done that, okay. So - but once you do that, you have to also keep your encryption/decryption system separate an isolated as offline. You have to have an air gap. If you don’t have an air gap, they can be penetrated, okay? So, and the other thing is: you have to tempest it so that it doesn’t radiate, so that the radiation can’t be detected and also translated, you know, back into the data that’s in the computer. So, all of that, you have to that, then keep it isolated and… If you want to protect our intellectual capital and so we have to do it. And then you’re pretty much secure.